Windows Help Vulnerability Target of Newly Released Trojan   - 1,845 Views, 1 Comment

Summary: It seems that online baddies are again using a flaw in the Windows help system to help themselves - to access to your computer system. As reported by Aunty last week, a flaw in the help system for certain releases of Windows, along ...

Previous Article « Software Author Takes Down Copycat Pirate
Read Next Article » Use Your (Windows) Power for Good

  Follow Anne on Twitter     Friend Anne on Facebook


It seems that online baddies are again using a flaw in the Windows help system to help themselves - to access to your computer system.

As reported by Aunty last week, a flaw in the help system for certain releases of Windows, along with instructions on how to exploit it, were announced by a Chinese security firm earlier this month.

However this new Trojan, just discovered this week by security firm Symantec, is a different exploitation of that ‘help’ flaw, found in computers running Windows XP Service Pack 2 or later.

The Trojan, known as “Phel.A” (”phel” being an anagram of “help”), shows up as an .html file, and performs all kinds of nasty operations on the host computer.

Microsoft still has not released a patch for this flaw, but says that they are “taking this vulnerability very seriously” and that “an update to correct the vulnerability is currently in development”.

In the meantime, Symantec has a list of measures you can and should take to minimize the likelihood of Phel.A getting the best of you, along with instructions for removing the Trojan, available here.

Windows Help Vulnerability Target of Newly Released Trojan

 Follow Anne on Twitter

 Twitter Explained in Plain English

 Friend Anne on Facebook

Previous Article « Software Author Takes Down Copycat Pirate
Read Next Article » Use Your (Windows) Power for Good

Read more:

»  Microsoft WMF Patch for Windows Metafile (WMF) Issue Released Early - Get It Now!

»  MySpace Ads Infect Millions with Spyware

»  Microsoft Announces Web View Security Hole in Windows 2000

»  Windows Media and Outlook Express Both at High Risk

For additional similar stories check out our archives on Security, Virus & AntiVirus, Windows

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.

 

1 Comment »

  1. Windows Help Vulnerability Target of Newly Released Trojan
    It seems that online baddies are again using a flaw in the Windows help system to help themselves - to access to your computer system. As reported by Aunty last week, a flaw in the help system for certain releases…

    Trackback by Lockergnome's Windows Fanatics — 12/30/2004 @ 9:15 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)


If you have not posted a comment here before, we apologize for having to ask you to enter the letters and numbers you see in the image above to validate your comment, but we are being attacked by thousands of comment form spams every day! You only need to do this once; once you have successfuly posted a comment here you will not be asked to do this again. Thank you for your understanding!

 
 This article first appeared on 12/30/2004
The Internet Patrol
Patrolling the Internet for You!